From 9417303654866c0b26f6b837398fb5b06a58555e Mon Sep 17 00:00:00 2001
From: Christoph
Date: Sun, 21 Oct 2018 18:17:21 +0200
Subject: [PATCH] Fix error: add missing code for 'allow_samba_requests_out'.
---
 ip6t-firewall-gateway | 33 +++++++++++++++++++++++++++++++++
 ipt-firewall-gateway | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+)
diff --git a/ip6t-firewall-gateway b/ip6t-firewall-gateway
index cfdb4ea..808b5b0 100755
--- a/ip6t-firewall-gateway
+++ b/ip6t-firewall-gateway
@@ -2124,6 +2124,39 @@ else
 fi
 
 
+# ---
+# - Samba Service only out
+# ---
+
+echononl "\t\tSamba Service only out"
+
+if $allow_samba_requests_out && ! $permit_local_net_to_inet ; then
+ for _dev in ${ext_if_arr[@]} ; do
+
+ for _port in ${samba_udp_ports[@]} ; do
+ $ip6t -A OUTPUT -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT
+ done
+ for _port in ${samba_tcp_ports[@]} ; do
+ $ip6t -A OUTPUT -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT
+ done
+
+ if $kernel_forward_between_interfaces : then
+
+ for _port in ${samba_udp_ports[@]} ; do
+ $ip6t -A FORWARD -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT
+ done
+ for _port in ${samba_tcp_ports[@]} ; do
+ $ip6t -A FORWARD -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT
+ done
+ fi
+ done
+
+ echo_done
+else
+ echo_skipped
+fi
+
+
 
 # ---
 # - Samba Service Gateway (only for local Networks)
diff --git a/ipt-firewall-gateway b/ipt-firewall-gateway
index cb7c4f0..866f135 100755
--- a/ipt-firewall-gateway
+++ b/ipt-firewall-gateway
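Review bot: In the ip6t-firewall-gateway hunk, `if $kernel_forward_between_interfaces : then` has a colon where the `;` belongs, so `then` is passed as an argument to the command and the shell reaches `fi` with no `then`. Bash reports a syntax error there and stops reading the script, which would leave the IPv6 ruleset only partially loaded on the gateway. The line should read `if $kernel_forward_between_interfaces ; then`, and running `bash -n ip6t-firewall-gateway` before deploying would catch this class of mistake. The IPv4 hunk tests `$kernel_activate_forwarding` instead; the definitions are outside this diff, so confirm the name is really set for the IPv6 script, because an unset variable expands to an empty command that succeeds and the FORWARD rules would then be added unconditionally.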
@@ -2818,6 +2818,40 @@ else
 fi
 
 
+# ---
+# - Samba Service only out
+# ---
+
+echononl "\t\tSamba Service only out"
+
+if $allow_samba_requests_out && ! $permit_local_net_to_inet ; then
+ for _dev in ${ext_if_arr[@]} ; do
+
+ for _port in ${samba_udp_ports[@]} ; do
+ $ipt -A OUTPUT -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT
+ done
+ for _port in ${samba_tcp_ports[@]} ; do
+ $ipt -A OUTPUT -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT
+ done
+
+ if $kernel_activate_forwarding ; then
+
+ for _port in ${samba_udp_ports[@]} ; do
+ echo -e "\n$ipt -A FORWARD -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT"
+ $ipt -A FORWARD -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT
+ done
+ for _port in ${samba_tcp_ports[@]} ; do
+ echo "$ipt -A FORWARD -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT"
+ $ipt -A FORWARD -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT
+ done
+ fi
+ done
+
+ echo_done
+else
+ echo_skipped
+fi
+
 
 # ---
 # - Samba Service Gateway (only for local Networks)
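Review bot: The two `echo` lines inside the FORWARD loops of the ipt-firewall-gateway hunk look like leftover debugging; the IPv6 hunk has no counterpart, and they print raw rule text between `echononl` and `echo_done`, so they should be dropped. The new rules in both files also match only on `-o $_dev` and `--dport`, with no `-d` restriction, so once `allow_samba_requests_out` is set any forwarded host may open SMB sessions to arbitrary external addresses. If that is the intent, say so above the block, e.g. `# NOTE: permits outbound SMB to ANY destination on the external interfaces`, or add a destination match for the known file servers. The array expansions would be safer quoted, `for _dev in "${ext_if_arr[@]}" ; do`.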